b6fe4179fdafeb89e87e6decc8183fed4d2ed138331930c8e4497ec4c9379e1e

Sharing

Copy URL Twitter E-mail

General

Target

b6fe4179fdafeb89e87e6decc8183fed4d2ed138331930c8e4497ec4c9379e1e
Size

998KB
MD5

d07f6fae50c367bcc09733835de22b7a
SHA1

c29509cc41ea4fde6605ebeb2ea4ed0354d0e375
SHA256

b6fe4179fdafeb89e87e6decc8183fed4d2ed138331930c8e4497ec4c9379e1e
SHA512

d703d81e45377f39ce5f3eab419df27525431378a027048036d6df1ab3cb1b7dd00275271c8093d78306d73c789fef2aa3da1868ee3a8b256fa42df62b09341a
SSDEEP

24576:7dj95YvNkd5PzWJP7IyM7vfBjS4pGi0A83BVMJ:G1+FzWJP7IjpjSF/H2

Score

N/A

Malware Config

Signatures

Files

b6fe4179fdafeb89e87e6decc8183fed4d2ed138331930c8e4497ec4c9379e1e
.exe windows x86

981942f318e960d229e27c01581f2e40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_snwprintf
atoi
_itow
_c_exit
__p__commode
__setusermatherr
__winitenv
_vsnwprintf
_onexit
_purecall
fputs
_adjust_fdiv
_iob
__p__fmode
_controlfp
realloc
__dllonexit
_cexit
??2@YAPAXI@Z
_wcslwr
free
iswspace
??3@YAXPAX@Z
vwprintf
__CxxFrameHandler
wcsstr
_snprintf
strchr
exit
_XcptFilter
strncmp
wcsrchr
_except_handler3
_initterm
__set_app_type
??1type_info@@UAE@XZ
qsort
_vsnprintf
_exit
?terminate@@YAXXZ
_itoa
_CxxThrowException
memset
__wgetmainargs
_wcsicmp
_wcsnicmp
wcslen

ole32

CoTaskMemFree
StringFromIID
StringFromCLSID
CoInitialize
CoUninitialize
CLSIDFromString
CoCreateInstance

shell32

CommandLineToArgvW

user32

CharNextW
wsprintfW
CharNextA

imagehlp

ImageDirectoryEntryToData
ImageRvaToVa
ImageNtHeader
ImageGetDigestStream

kernel32

LoadLibraryExW
GlobalAlloc
GlobalFree
SetFilePointer
FindClose
GetFullPathNameA
OutputDebugStringA
ExitProcess
GetACP
FindNextFileW
lstrcmpiA
GetSystemDirectoryA
lstrlenA
IsDebuggerPresent
BeginUpdateResourceW
ReadFile
GetVersionExW
GetFileAttributesA
InterlockedDecrement
GetEnvironmentVariableA
InterlockedExchange
FreeResource
GetLocaleInfoA
GetOEMCP
RaiseException
RemoveDirectoryW
lstrlenW
RemoveDirectoryA
DebugBreak
LoadLibraryExA
CopyFileW
GetFileInformationByHandle
lstrcpyA
WideCharToMultiByte
InterlockedIncrement
LocalFree
EndUpdateResourceW
GetThreadLocale
GetFullPathNameW
GetModuleHandleW
GetVersion
GetFileAttributesW
CopyFileA
InterlockedCompareExchange
FreeLibrary
CloseHandle
UpdateResourceW

msvfw32

DrawDibRealize
ICRemove

Sections

.text
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

981942f318e960d229e27c01581f2e40

Headers

File Characteristics

Imports

msvcrt

ole32

shell32

user32

imagehlp

kernel32

msvfw32

Sections

.text Size: 705KB - Virtual size: 705KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 251KB - Virtual size: 251KB

.rsrc Size: 37KB - Virtual size: 3.2MB

.text
Size: 705KB - Virtual size: 705KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 251KB - Virtual size: 251KB

.rsrc
Size: 37KB - Virtual size: 3.2MB